On Fri, Aug 31, 2007 at 12:37:16PM -0400, Andrew Dunstan wrote: > > > Decibel! wrote: > >Is there something insecure about using ident sameuser for localhost > >authentication on Windows? > > > > FWIW, I never advise people to use ident auth for postgres except on > local (a.k.a. Unix domain socket) connections, which don't exist on Windows.
Is it easy to spoof where an incoming connection request is coming from? Is there something else that makes ident on 127.0.0.1/32 insecure? -- Decibel!, aka Jim Nasby [EMAIL PROTECTED] EnterpriseDB http://enterprisedb.com 512.569.9461 (cell)
Description: PGP signature